Reverse Engineering the JD Login Flow: Slider Verification and H5ST Token Generation
Target Endpoint and Initialization
The target for this analysis is the login portal of a major e-commerce platform. The primary objective is to intercept and decrypt the h5st signature parameter (version 4.7.4) and handle the accompanying CAPTCHA verification.
Base64 encoded target: aHR0cHM6Ly9wYXNzcG9ydC5qZC5jb20vbmV3L2xvZ2luLmFzcHg=
Request ...
Posted on Sat, 30 May 2026 21:09:43 +0000 by cedtech31
Reverse Engineering a Product Recommendation API in the Dewu Mobile Application
Today's Objective
Collect product recommendation data from the Dewu app home screen
Target application version: 4.74.5
Bypassing Forced Updates
# -*- coding: utf-8 -*-
'''
@IDE : PyCharm
@version : 3.9
@Auth : Security Researcher
@time : 2024/2/25 8:01
@Description: Bypass update dialog in Dewu app
'''
import frida
import sys
rdev = frida.g ...
Posted on Fri, 08 May 2026 11:17:44 +0000 by axo